Hi Michael & Glenn, On Fri, 15 Oct 2021 12:26:38 +0200 Michael Biebl <bi...@debian.org> wrote: > Am 15.10.21 um 11:14 schrieb Michael Biebl: > > Am 15.10.21 um 07:53 schrieb Glenn Washburn: > >> Probably the easiest solution would be to exit early from the post install > >> if the current user is not root. There's probably a more subtle fix that > >> preserves more functionality (eg. maybe updating the hwdb in PKG_ROOT?), > >> what ever gets the post install to not fail in this scenario works for me. > > > > Package installations need to be done as root. > > I don't think the package would benefit if we'd litter the maintainer > > scripts with id checks. > > > > Please elobare what the use case is here? > > I notice that you filed multiple bugs against various packages [1]. > I don't think this is particularly helpful as long as dpkg doesn't > officially support installations as non-root. > > If you want to allow non-root installations, then this needs to be > discussed with the dpkg maintainer and ideally on debian-devel. > While this might be a laudable goal, my guess is that with the way packages > are built today, this is not (easily) possible.
Helmut just made me aware of this bug as well as few others by Glenn that talk about "PKG_ROOT" and asked me to follow up on the topic. Assuming that "PKG_ROOT" is a typo and actually "DPKG_ROOT" is meant (Glenn, could you clarify?), then it is important to know that DPKG_ROOT is about root as in the root path ("/") and not as in the root user. The DPKG_ROOT variable that is set for maintainer scripts if dpkg is run with --root and --force-script-chrootless. Helmut and I are working on making the Essential:yes package set work with DPKG_ROOT and we have submitted patches for all source packages that are still missing support for it and we have a salsa CI pipeline that makes sure that our patches allow a bit-by-bit identical chroot compared to installations without DPKG_ROOT: https://salsa.debian.org/helmutg/dpkg-root-demo/-/jobs While running dpkg with --root and --force-script-chrootless avoids the chroot() call and thus, allows installing packages without the root user in theory, the DPKG_ROOT mechanism and the avoidance of the chroot() was *not* added to dpkg so that packages can be installed as a user other than root. The DPKG_ROOT mechanism exists because it allows creating foreign architecture chroots for architectures that do not have qemu support yet or for which emulation support is too slow. So DPKG_ROOT is something that helps us with handling chroots for foreign architectures, bootstrapping Debian as well as using Debian in an embedded systems context. I agree with what Michael already wrote above. Glenn, before you open bugs against a number of packages, please explain your use-case to a wider audience. Maybe on the debian-devel mailing list. Without more information, I don't see a use-case of being able to install packages without being the root user. For cases where you still want to do that, there is fakeroot and there are Linux user namespaces. I maintain a debootstrap alternative called mmdebstrap which allows one to create a chroot without being root that makes use of fakeroot and unshare. So I can confirm that it is already possible to run dpkg --install without being the root user and I currently don't see a reason why adding support of running maintainer scripts without being uid 0 would be necessary in practice. Glenn, if you want to help with DPKG_ROOT, you are welcome to do so! Just write patches and submit merge requests to the salsa repository linked above. After your patches are tested and show that they result in a bit-by-bit identical chroot, you can open a bug against the respective source packages with a working patch. Thanks! cheers, josch
signature.asc
Description: signature